155 matches found
Wireshark 2.2.x < 2.2.15 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.15 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was...
Wireshark 2.4.x < 2.4.7 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 2.4.7. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.7 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.3 Vulnerability Details CVEID:CVE-2013-4660 DESCRIPTION: The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute...
Ubuntu: Security Advisory (USN-7622-1)
The remote host is missing an update for the...
CVE-2018-21072
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos chipsets) software. A kernel driver allows out-of-bounds Read/Write operations and possibly arbitrary code execution. The Samsung ID is SVE-2018-11358 (May 2018)...
CVE-2019-11358 affecting package orangefs for versions less than 2.9.7-7
CVE-2019-11358 affecting package orangefs for versions less than 2.9.7-7. A patched version of the package is available...
jQuery 3.3.1 - Prototype Pollution & XSS Exploit
Exploit Title: jQuery Prototype Pollution & XSS Exploit CVE-2019-11358 & CVE-2020-7656 Google Dork: N/A Date: 2025-02-13 Exploit Author: xOryus Vendor Homepage: https://jquery.com Software Link: https://code.jquery.com/jquery-3.3.1.min.js Version: 3.3.1 Tested on: Windows 10, Ubuntu 20.04, Chrome...
jQuery 3.3.1 Cross Site Scripting
jQuery version 3.3.1 proof of concept exploit that demonstrates cross site scripting via improper script handling and prototype pollution. Exploit Title: jQuery Prototype Pollution & XSS Exploit CVE-2019-11358 & CVE-2020-7656 Google Dork: N/A Date: 2025-02-13 Exploit Author: xOryus Vendor Homepag...
Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.
Summary jQuery is used by IBM Robotic Process Automation for Cloud Pak as part of Abbyy CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064. Kubernetes kube-apiserver is used by IBM Robotic Process Automation for Cloud Pak as part of the operator CVE-2020-8552. Go Go-Yam...
Linux Distros Unpatched Vulnerability : CVE-2019-11358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an...
Linux Distros Unpatched Vulnerability : CVE-2018-11358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. This was addressed in epan/dissectors/packet-q931.c by avoiding a...
Linux Distros Unpatched Vulnerability : CVE-2017-11358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash v...
openSUSE Security Advisory (openSUSE-SU-2024:0231-1)
The remote host is missing an update for the...
Security Bulletin: Vulnerabilities in the jquery-1.10.0.js package affect Data Replication on Cloud Pak for Data
Summary Multiple vulnerabilities in the jquery-1.10.0.js package used in Data Replication on Cloud Pak for Data were addressed. Vulnerability Details CVEID:CVE-2020-11023 DESCRIPTION: In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing option elements from...
CVE-2019-11358 affecting package m2crypto for versions less than 0.38.0-4
CVE-2019-11358 affecting package m2crypto for versions less than 0.38.0-4. A patched version of the package is available...
CVE-2024-11358
creationtimestamp | type | source
---|---|---
2024-12-16 19:02:42+00:00 | seen | https://t.me/cvedetector/13023...
CVE-2024-11358
Mattermost Android Mobile Apps versions <=2.21.0 fail to properly configure file providers which allows an attacker with local access to access files via file provider...
CVE-2024-11358 Insecure Android File Provider Paths
Mattermost Android Mobile Apps versions <=2.21.0 fail to properly configure file providers which allows an attacker with local access to access files via file provider...
CVE-2024-11358
Mattermost Android Mobile Apps (versions